HHS Publishes HIPAA Audit Protocol

The Department of Health and Human Services (HHS) has posted on its website the protocol for the HIPAA audits required under the HITECH Act. Section 13411 of the HITECH Act requires HHS to provide for periodic audits to ensure that covered entities and business associates are in compliance with the HIPAA standards for privacy, security, and breach notification. The protocol sets out the specific requirements that HHS will assess through performance audits, and may serve as a helpful resource for determining whether your organization is in compliance with those standards.

About the Covington Data Privacy and Cybersecurity group

Repeatedly ranked as having one of the best privacy practices in the world, Covington combines exceptional substantive expertise with an unrivaled understanding of the IT industry, and of e-commerce and digital media business models in particular. Read More